CVE-2013-6425
pixman - integer underflow
EPSS 3.0%
Description
Integer underflow in the pixman_trapezoid_valid macro in pixman.h in Pixman before 0.32.0, as used in X.Org server and cairo, allows context-dependent attackers to cause a denial of service (crash) via a negative bottom value.
How to fix CVE-2013-6425
To remediate CVE-2013-6425, upgrade the affected package to one of the fixed versions listed below.
- Debian/pixman: upgrade to 0.30.2-2 or later
- Debian/pixman: upgrade to 0.16.4-1+deb6u1 or later
Is CVE-2013-6425 being exploited?
Low — EPSS is 3.0%, meaning exploitation activity has not been observed at scale.
Affected packages (2)
- from 0, < 0.30.2-2
- from 0, < 0.16.4-1+deb6u1